
rDNS - Spam


Comments

  • jar Patron Provider, Top Host, Veteran
    edited July 2014

    @Mark_R said:
    Jar

    Didn't you work for catalysthost.com? Did you use the same methods to detect potential spammers as you mentioned here?

    Yes. When, and ONLY when, a new client opened 400+ SMTP connections and I saw they had logged in via SolusVM console immediately after provision, I ran "ls -al /vz/private/ctid/var/log" and saw symlinks to /dev/null 100% of the time past a certain date.

    Reason? Because we were legally liable for their federal crime without documentation of the event and I wanted their outgoing mail logs in an evidence zip that I kept for 90 days before I would assume that we were not facing any criminal complaints against our company. Obviously, bad symlinks do not need to be stored.

    It became a quick way for me to identify if I would be able to store evidence for any legal inquiries, and quickly became very evident that the spammers did this on purpose to avoid just that.

    I did NOT read the contents of the files. We provided a Linux product, I'm not stupid, I know what Linux is and I know what's reasonable. The idea that this spammer's feelings could be hurt by my mere verification of the existence of standard Linux files is not something that will keep me awake at night.

    If you don't run your company based on the actual context of the product you provide, and if you do not take steps to retain data that may result in future legal requests OR your liability for said data in the absence of it, and you run out of the US, you're just a kid running a toy host or you're rolling the dice with your future. Adults handle their business.

    No one but spammers ever had anything to worry about from my actions and no private data was read. The names of Linux log files are not private, they are standard. I challenge anyone to show me a log file directory containing private information that should not be public that is not made as an exercise to argue on LET just "to do it."

    Thanked by 1 sambling
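The metadata-only check described in the post above, written out as an added example (not the poster's own script). It assumes the log directory is reached from the host node at a path like /vz/private/<ctid>/var/log, and the function names and the two mail log file names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: find log entries that have been redirected to /dev/null.
# Only link metadata is inspected (test -L, readlink); no log content is opened.

# Print the name of every entry in directory $1 that is a symlink pointing
# at /dev/null. The link text is compared as written inside the container,
# so the host's own /dev/null is never dereferenced.
nulled_logs() {
    log_dir=$1
    [ -d "$log_dir" ] || return 2
    for entry in "$log_dir"/* "$log_dir"/.[!.]*; do
        [ -L "$entry" ] || continue          # skips regular files and unmatched globs
        target=$(readlink "$entry") || continue
        case $target in
            # absolute form, plus the relative form that resolves from /var/log
            /dev/null|../../dev/null) printf '%s\n' "${entry##*/}" ;;
        esac
    done
}

# Succeed only if a mail log exists as a real file, i.e. there is something
# that could be preserved. maillog / mail.log are assumed names (the usual
# RHEL-style and Debian-style defaults).
mail_logs_preservable() {
    log_dir=$1
    for name in maillog mail.log; do
        if [ -f "$log_dir/$name" ] && [ ! -L "$log_dir/$name" ]; then
            return 0
        fi
    done
    return 1
}

# Stand-alone use: sh check_logs.sh /vz/private/<ctid>/var/log
[ "$#" -eq 0 ] || nulled_logs "$1"
```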
  • Mark_R Member

    @Jar

    If I'd place myself in a neutral position and try to think from the customer & provider side then it will become a difficult picture. In order to fight abuse you have to either obtain information from the virtual machine or network - this will be seen as a privacy violation by the customer, and this potentially will drive customers away (if they become aware of it). If I were in your shoes I wouldn't know how to bypass this problem. Personally I still dislike any kind of information snooping.

    I'm going to follow this thread and hopefully someone will be able to find a way to keep both parties happy, but right now I don't see how to accomplish that.

    Thanked by 1 jar
  • AndreiGhesi said: If they send spam just terminate the vps and move on, + report to fraudrecord

    Limit outgoing connections for SMTP on your core router with tarpit. They mean they send spam, but nothing goes out :)

  • Master_Bo Member
    edited July 2014

    @Maounique, thanks for explaining my viewpoint in different words.

    @Jar, I appreciate your attempts to express irony. But if I ordered a VPS from you and you could venture to see its system logs, you would be seriously discouraged to find nothing but binary garbage. :)

    "No one but spammers ever had anything to worry about from my actions and no private data was read."

    Well, I'll be the first person expressing concern. Feel free to find any proof that I am involved in bulk unsolicited email sending.

    However, answering @Mark_R's statement, there is perhaps a solution to this dilemma.

    It's simple: throttle and/or forbid entirely sending SMTP via standard ports in quantities large enough to compromise your IP addresses. Instead, they could be encouraged to use external services like PostmarkApp, Amazon SES and the rest.

    That would ward off spammers in most cases. If you see any irreparable fault in this logic, let me know.

  • jar Patron Provider, Top Host, Veteran
    edited July 2014

    File names of the logs, not the logs. Never mind, you're never going to get it. Idealism is cute but at the end of the day that's all it is. Idealist vs realist. I would never take responsibility for a federal crime for someone else and I would always take evidence when someone committed one with my equipment. If you are in the US where that action is a crime and you like to roll the dice with your business, that's your business. Anything in my signature will be run like an adult who knows how the real world works.

    In this kind of business there are always people on the same equipment who depend on it for their livelihood. Those are the people that I would be looking out for, not the precious feelings of the person who risks the safety of their data.
